ark@ritcv.UUCP (Alan Kaminsky) (08/18/88)
Mike Engber at the University of Wisconsin recently offered in this newsgroup to mail the source for his implementation of the RSA public- key cryptosystem to whoever wants it. Before everyone rushes off to write an encryption program based on the RSA cryptosystem, and ESPECIALLY before anyone posts a shareware implementation that involves possible monetary remuneration, everyone should be aware that the RSA algorithm is PATENTED in the U.S.A., and that a license is required to practice the RSA algorithm. Below I quote a letter from RSA Data Security Inc., the patentholder, to Mr. Greg Rose, that Mr. Rose recently posted in the sci.crypt newsgroup. The important part is the statement, "Licenses are required to practice the RSA cryptosystem in the United States." August 11, 1988 Mr Greg Rose Softway Pty Ltd Dear Mr Rose, We just read your message on SCI.CRYPT. Apparently, you saw a very old phone number from 1984 when RSA Security, Inc. (as it was called then) was in fact located in a home. RSA Data Security, Inc., the actual name of the Company, is and has been located at 10 Twin Dolphin Drive, Redwood City (see this letterhead) since September 1985. Our phone number is and has been (415) 595-8782 since September 1985. Calling directory assistance in the 415 area code and asking for RSA Data Security will get you the number. We have licensed a number of large companies including Motorola, Lotus, Tektronix, Racal, to name a few. Thousands of people in the USA and in Europe use our MailSafe product for the IBM PC. RSA Data Security is a viable enterprise; I am quite surprised you could not find us. US patent #4,405,829 is NOT public domain, and we have been to court to defend it. Licenses are required to practice the RSA cryptosystem in the United States. The patent was awarded to MIT, but RSA Data Security hold all exclusive rights to it, including the right to sublicense. I personally appreciate you correcting this on SCI.CRYPT to set the record straight. Sincerely, RSA Data Security, Inc. Jim Bidzos President Please, no flames to me, and no questions about interpretations of patent law; I am not a lawyer. But I do suggest that if you have any questions about when you do and do not require a license to implement the RSA cryptosystem, you contact the company above. -- Alan Kaminsky P. O. Box 9887 School of Computer Science Rochester, NY 14623 Rochester Institute of Technology 716-475-5255 ark@cs.rit.edu